package com.guigu.www.erp.common.interceptor;

import com.guigu.www.erp.common.pojo.TRoleAuthorization;
import com.guigu.www.erp.dehao.pojo.User;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.List;

public class MeunInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session=request.getSession();
        String requestURI = request.getRequestURI();
        List<TRoleAuthorization> author = (List<TRoleAuthorization>) session.getAttribute("author");

        if(author!=null){
            for (TRoleAuthorization roleAuthorization:author) {
                String auUrl = roleAuthorization.getAuthorization().getAuUrl();
                if(auUrl.equals(requestURI)){
                    return true;
                }
            }
        }

        //如果没有权限，跳转到没有权限页面
        response.sendRedirect("/examples/quanxian.html");
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}
